An out-of-bounds read in png_convert_to_rfc1123() in png.c could potentially beexploited by a crafted PNG file to leak information from an application's memory(CVE-2015-7981). Buffer overflow vulnerabilities in functionspng_get_PLTE/png_set_PLTE, allowing remote attackers to cause DoS to applicationor have unspecified other impact (CVE-2015-8126). Also includes various othersmall bug fixes as detailed in the package changelog.--------------------------------------------------------------------------------References:

This update can be installed with the "yum" update program. Usesu -c 'yum update libpng10' at the command line.For more information, refer to "Managing Software with yum",available at https://docs.fedoraproject.org/yum/.